G1. Dr.Web Enterprise Server Configuration File

Top  Previous  Next

The drwcsd.conf Server configuration file resides by default in the etc subfolder of the Server root folder. If the Server is run with a command line parameter, a non-standard location and name of the configuration file can be set (for more read Appendix H5. Dr.Web Enterprise Server).

To manage the Dr.Web Enterprise Server configuration file manually, do the following:

1.Stop the Server (see Start and Stop the Dr.Web Enterprise Server).

2.Disable self-protection (in case of installed Agent with the active self-protection - in the Agent context menu).

3.Manage the Server configuration file.

4.Start the Server (see Start and Stop the Dr.Web Enterprise Server).

Dr.Web Enterprise Server Configuration File Format

Formal grammar based on the Extended Backus-Naur Form (EBNF) notation is used for description of the Server configuration file. It uses the following symbols:

◆(...) — group of symbols (fragment of the configuration file);

◆'...' — terminal symbol;

◆<...> — nonterminal symbol;

◆| - symbol for selecting one of the given elements;

◆(...)? - symbol (or group of symbols) to the left of the operator is not obligatory (may occur 0 or 1 time);

◆(...)* - symbol (or group of symbols) to the left of the operator may be repeated any number of times (or may be omitted);

◆(...)+ - symbol (or group of symbols) to the left of the operator may occur 1 or more times;

◆[...] - any symbol from the specified range;

◆period at the end — a reserved character which indicates completion of a rule.

Format of the Server configuration file

The configuration file has a text format. The main structural elements of this file are words, separated by separators — spaces, tabs, carriage returns, line feeds, and format characters. In addition, a sequence of characters included in straight quotation marks "..." is considered a word.

Special sequences of two characters beginning with an ampersand (&) can be included in a word, not breaking it. They are interpreted as follows:

◆&& — as an ampersand itself,

◆&r — carriage return,

◆&t — tab,

◆&n — line feed,

◆&v — vertical tab,

◆&f — format character,

◆&b — backspace character,

◆&e — equal sign (=),

◆&l — vertical bar (|),

◆&s — space.

An ampersand (&) at the end of a line is equal to &n.

Comments begin with a semicolon and continue till the end of the line.

The Server settings are specified in the configuration file as instructions, each of them is one word. Instructions can be followed by instructions parameters (one or several words).

Possible instructions and their parameters are described below. The sequence of instructions in a file is inessential. The parameters (fragments of parameters) set by a user are in angle brackets.

◆Name <name>

Defines the name of the Server it will respond to when the Server is being searched for by the Agent or the Dr.Web Control Center. The default value — an empty line ("") — means using the computer name.

◆Threads <number>

Number of Server threads which are serving clients. By default it is set to 5. It is not advisable to change this parameter unless recommended by the customer support.

◆DBPool <number>

Number of database connections with the Server. For Windows OS and UNIX OS servers the parameter is set to 2 by default. It is not advisable to change this parameter unless recommended by the customer support.

◆MaximumAuthorizationQueue <value>

Specify the maximum number of workstation in the Server authorization queue. It is not advisable to change this parameter unless recommended by the customer support.

◆Newbie <mode>

Access mode of new stations, can have the Open, Close or Approval values (by default, it is Approval. Read more in p. New Stations Approval Policy).

◆UnAuthorizedToNewbie <mode>

The mode can have either the Yes value, which means that the newbie status will be automatically assigned to unapproved stations (for example, if the database has been destroyed), or the No value (default), which stands for a standard operation.

◆WEBStatistics "Interval=<number>

                  Server=<server_address>

                  URL=<catalog>

                  ID=<client_identifier>

                  User=<user>

                  Password=<password>

                  Proxy=<proxy_server>

                  ProxyUser=<proxy_user>

                  ProxyPassword=<proxy_password>"

Above is described a web server where ESS will publish its statistics on detected viruses. The upload span is set in minutes, the default value is 30. It is not recommended to set the upload span to more than one hour.

The default server address is stat.drweb.com:80

The default URL is /update.

ID — client’s identifier (by default, it is derived from the Server key file (enterprise.key).

The User and the Password fields describe the authorization on the web server, other fields determine the proxy server and the authorization on it. By default, the fields are empty (no authorization required).

To get access to data collected on the statistics server, contact the customer support at support@drweb.com.

◆Encryption <mode>

Traffic encryption mode. Possible values: Yes, No, Possible (default is Yes). For more read p. Traffic Encryption and Compression.

◆Compression <mode>

Traffic compression mode. Possible values: Yes, No, Possible (default is No). For more read p. Traffic Encryption and Compression

◆InstallAccess, AgentAccess and LinksAccess parameters are not displayed in the configuration file unless the Use this ACL flag is set (for more see p. Setting the Dr.Web Enterprise Server Configuration). If this flag is set, the displayed value for disabled parameters is “none”. For enabled parameters the specified addresses will be displayed.

◆Database <DRIVER> from <PATH> using <PARAMETERS>

Determination of the database. <DRIVER> — database driver name, <PATH> — path where the driver is to be loaded from, <PARAMETERS>— connection parameters between the Server and the database. Read more in p. Setting the Mode of Operation with Databases.

◆Alert <DRIVER> from <PATH> using <PARAMETERS>

Determination of the "annunciator". <DRIVER> — annunciator driver name, <PATH> — path where the driver is to be loaded from, <PARAMETERS>— annunciator parameters. Read more in p. Setting Alerts.

◆Transport <NAME> <STREAM> <DATAGRAM>

It determines the transport protocols and assigns them to network interfaces. <NAME> — Server name set as in the name instruction above, if an empty line is specified, the name is taken from name. <STREAM> (for example, tcp/), <DATAGRAM> (for example, udp/) have the format described in Appendix D. The Parameters of the Notification System Templates.

◆Disable Message <message>

To disable sending messages of a specific type; possible parameter values: message type; the full list of message types is in the var/templates folder.

◆Disable Protocol <protocol>

Disable using of one of the Server protocols; possible values are AGENT, SERVER, INSTALL. The SERVER protocol is disabled by default. Read more in p. Setting the Dr.Web Enterprise Server Configuration.

◆Disable Plugin <module>

Disable the use of plug-ins for the Server. Legitimate value: WEBMIN. For details see Setting the Dr.Web Enterprise Server Configuration.

◆ShowHostNames=<value>

Enable computer domain names in the log instead of the TCP address. Possible values: Yes or No.

◆ReplaceNetBIOSNames=<value>

Enable replacing computer NetBIOS names with the DNS name. Possible values: Yes or No.

◆The Organization, Department, Country, Province, City, Street, Floor, Room, Latitude and Longitude parameters define additional information about the location of the workstation.

◆TrackAgentJobs <value>

Enable writing the results of task completion for workstations to the DB. Possible values: Yes or No.

◆TrackAgentStatus <value>

Enable accounting of the workstation status changes and writing information to the DB. Possible values: Yes or No.

◆TrackVirusBases <value>

Enable accounting of the workstation virus database status (composition, changes) and writing information to the DB. Possible values: Yes or No.

◆TrackAgentModules <value>

Enable writing to the DB the list of the Anti-virus modules at the station. Possible values: Yes or No.

◆TrackAgentComponents <value>

Enable writing to the DB the list of Anti-virus components (Scanner, Monitors, etc) that are installed at the station. Possible values: Yes or No.

◆KeepRunInformation <value>

Enable writing to the DB information on starting and stopping events of Anti-virus components (Scanner, Monitors, etc) at stations. Possible values: Yes or No.

◆KeepInfections <value>

Enable writing to the DB statistic data about infections, detected at the stations. Possible values: Yes or No.

◆KeepScanErrors <value>

Enable writing to the DB information on all errors, occurring during scanning at the stations. Possible values: Yes or No.

◆KeepScanStatistics <value>

Enable writing to the DB results of stations scanning. Possible values: Yes or No.

◆KeepInstallation <value>

Enable writing to the DB information on Agent installations at the stations. Possible values: Yes or No.

◆Quarantine <value>

Enable writing to the DB stations Quarantine state. Possible values: Yes or No.

◆UpdatesBandwidth <value>

Maximal network traffic bandwidth in KB for updates from Server to Agents. 0 value means unlimited bandwidth.

◆Audit <value>

Enable audit logging of the operations performed by the administrator on the Dr.Web Control Center and writing the log to the DB. Possible values: Yes or No.

◆AuditInternals <value>

Enable audit logging of the Server internal operations and writing the log to the DB. Possible values: Yes or No.